Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/B5BL_MLx2LN-tOhUbyY4eF7kVQw.roa
File: B5BL_MLx2LN-tOhUbyY4eF7kVQw.roa (raw, json)
Hash identifier: kbgRg8ZwUji9dPreJ4QZOvNLixTZaF4JchXU7XV7mcs=
Subject key identifier: 07:90:4B:FC:C2:F1:D8:B3:7E:B4:E8:54:6F:26:38:78:5E:E4:55:0C
Certificate issuer: /CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Certificate serial: 01856C1CA12884698E64124165E8A8064E83
Authority key identifier: F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/B5BL_MLx2LN-tOhUbyY4eF7kVQw.roa
Signing time: Sun 01 Jan 2023 06:54:53 +0000
ROA not before: Sun 01 Jan 2023 06:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203098
IP address blocks: 93.118.38.0/24 maxlen: 24
43.230.56.0/23 maxlen: 23
43.230.58.0/23 maxlen: 23
89.42.8.0/24 maxlen: 24
94.176.106.0/24 maxlen: 24
103.49.84.0/22 maxlen: 22
89.43.32.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:a1:28:84:69:8e:64:12:41:65:e8:a8:06:4e:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Validity
Not Before: Jan 1 06:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=07904bfcc2f1d8b37eb4e8546f2638785ee4550c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e6:6d:4e:dd:1c:b8:a9:9b:68:43:30:1f:45:
5d:f0:a3:e0:10:df:d1:a8:07:6a:bc:32:84:90:9b:
ea:11:87:81:e0:f6:46:3d:41:da:0c:a7:57:ad:9a:
c9:5c:3d:05:d1:a0:11:f4:bf:06:79:28:e5:96:85:
18:2a:9a:9c:fc:b5:f6:ee:58:1a:a6:ff:f9:49:98:
4d:47:21:12:07:d4:99:75:0f:2b:61:40:59:d0:59:
ad:57:4a:0d:0d:46:35:95:03:78:0b:6e:d6:bf:4f:
db:00:02:c9:e5:45:65:4c:cd:28:34:be:ca:84:97:
b5:c3:b3:18:d7:63:95:82:1c:9c:f3:7a:97:db:37:
fe:c1:4b:7d:1e:3c:32:fb:f7:d4:09:f3:12:c9:e0:
ee:e5:7d:3f:64:e3:aa:da:45:1d:32:00:84:aa:a9:
20:82:2c:d9:27:99:ad:b4:71:3c:db:25:c9:9b:76:
18:39:5d:b5:76:2a:cb:e0:1c:a5:51:79:e6:ee:8b:
5c:cf:74:65:8a:56:c8:49:2e:45:e7:76:3a:cc:4c:
8b:b0:e7:33:0f:11:b1:8c:5d:11:68:03:20:d8:d9:
cf:7a:ad:64:ac:6a:fe:84:4a:97:2b:a5:41:b5:34:
0f:2a:2c:b3:d8:bb:81:69:b4:79:e0:57:b8:1e:7f:
e5:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:90:4B:FC:C2:F1:D8:B3:7E:B4:E8:54:6F:26:38:78:5E:E4:55:0C
X509v3 Authority Key Identifier:
keyid:F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/B5BL_MLx2LN-tOhUbyY4eF7kVQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.230.56.0/22
89.42.8.0/24
89.43.32.0/24
93.118.38.0/24
94.176.106.0/24
103.49.84.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:06:57:54:09:dc:3a:0e:c5:53:ff:87:80:3c:6f:cd:62:eb:
1b:17:ef:ae:c7:9d:e3:62:df:20:4d:38:4c:12:09:5f:c7:28:
e1:dd:ae:5a:f7:6e:ec:a6:2a:56:d7:33:9a:ca:06:c3:7b:0e:
91:94:d4:33:99:18:7c:f1:f5:17:7c:c2:52:b8:0b:dc:4a:14:
9b:3e:03:4b:22:b7:af:65:6c:87:d4:86:e8:05:cf:29:46:56:
ea:46:75:93:22:2b:fb:7b:71:b1:e6:6c:aa:ea:82:32:92:68:
ce:43:4b:f0:88:f3:03:c5:67:08:e6:50:f0:05:ca:e2:fb:6a:
fc:71:07:8b:42:05:03:4e:0d:49:f3:bd:b0:28:e4:95:88:de:
ba:d7:93:43:a1:f8:9c:f6:b7:7d:ca:29:b9:08:47:13:e9:84:
db:f2:83:e5:8c:8a:f5:cb:8c:55:0f:b2:4f:32:58:b7:b9:33:
37:69:e1:20:00:36:0e:70:ae:ee:fa:a8:03:1e:24:c3:25:16:
db:62:8e:72:92:23:f4:95:bf:cd:3f:89:e3:f8:01:02:f1:53:
e8:63:67:5e:fc:32:d7:26:3e:06:ed:ff:72:6c:85:3a:ab:1b:
25:6a:57:a4:35:ed:89:2a:dd:a0:57:7c:87:30:a9:42:e9:64:
3e:68:44:8c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVsHKEohGmOZBJBZeioBk6DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZmIzMmQyMjY2YjFmOWJjZTU3Y2FjOThiYzAyNDdmMmM5
MTk3ZjIwHhcNMjMwMTAxMDY1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzkwNGJmY2MyZjFkOGIzN2ViNGU4NTQ2ZjI2Mzg3ODVlZTQ1NTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+ZtTt0cuKmbaEMwH0Vd8KPgEN/R
qAdqvDKEkJvqEYeB4PZGPUHaDKdXrZrJXD0F0aAR9L8GeSjlloUYKpqc/LX27lga
pv/5SZhNRyESB9SZdQ8rYUBZ0FmtV0oNDUY1lQN4C27Wv0/bAALJ5UVlTM0oNL7K
hJe1w7MY12OVghyc83qX2zf+wUt9Hjwy+/fUCfMSyeDu5X0/ZOOq2kUdMgCEqqkg
gizZJ5mttHE82yXJm3YYOV21dirL4BylUXnm7otcz3RlilbISS5F53Y6zEyLsOcz
DxGxjF0RaAMg2NnPeq1krGr+hEqXK6VBtTQPKiyz2LuBabR54Fe4Hn/ljQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAeQS/zC8dizfrToVG8mOHhe5FUMMB8GA1UdIwQY
MBaAFPX7MtImax+bzlfKyYvAJH8skZfyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAt
MmQxNDNkN2I4NTNjLzEvQjVCTF9NTHgyTE4tdE9oVWJ5WTRlRjdrVlF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAtMmQxNDNkN2I4NTNj
LzEvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCK+Y4AwQA
WSoIAwQAWSsgAwQAXXYmAwQAXrBqAwQCZzFUMA0GCSqGSIb3DQEBCwUAA4IBAQBO
BldUCdw6DsVT/4eAPG/NYusbF++ux53jYt8gTThMEglfxyjh3a5a927spipW1zOa
ygbDew6RlNQzmRh88fUXfMJSuAvcShSbPgNLIrevZWyH1IboBc8pRlbqRnWTIiv7
e3Gx5myq6oIykmjOQ0vwiPMDxWcI5lDwBcri+2r8cQeLQgUDTg1J872wKOSViN66
15NDofic9rd9yim5CEcT6YTb8oPljIr1y4xVD7JPMli3uTM3aeEgADYOcK7u+qgD
HiTDJRbbYo5ykiP0lb/NP4nj+AEC8VPoY2de/DLXJj4G7f9ybIU6qxslalekNe2J
Kt2gV3yHMKlC6WQ+aESM
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:28 2024 by rpki-client on console-fra.rpki-client.org